How Do I?

Selecting a Strong Password

Passwords are the key to the security of your information - and that of the rest of the school. It is very important that the password you use is as secure as possible. This is intended to be a guideline to "how to pick a good password".

Here's a quick list of things that you should never, ever use as your password:

"aggies" or any phrases referring to Texas A&M

"password" - that's the first one they'll try, because it's so stupid

your name or any part of your name

the name of a pet, friend, child, parent, spouse, or other person

your phone number or any other identifying number

your user id itself

any word or combination of words you would find in a dictionary

Hackers have an impressive collection of automated tools which can attack a computer system for hours, days, or weeks on end - it's a lot like trying every combination possible on a combination lock. It may take forever, but sooner or later, you're bound to get through, because there really are only so many possibilities. Unlike humans, computers have infinite patience for the task.

So here's some things you can try to come up with a password which is as strong as possible:

Remember those little phrases you were taught in school that were intended to help you remember lists of things? Like Roy G. Biv reminding you of the order of colors in a rainbow (red, orange, yellow, green, blue, indigo, violet). We can use something similar here. Pick a sentence, a quote, a phrase, a song title - almost anything, really. For example: "A lie told often enough becomes truth." - Lenin (Vladimir Ulyanov) becomes ALTOEBT.

Or choose a list of friends and pull the first initial from each name - if you have friends named Mary, Jane, Louise, and Margaret you could use MJLM as part of your password. It means nothing but may be easy to remember.

You can further complicate it by replacing some of the letters with numbers. For example, replace "o" with "0" (zero) or "l" with "1" or "E" with "3". Or add one or more numbers which you can easily remember.

IMPORTANT Replacing letters with numbers will not change the fact that you should not use real words! The hacker tools try almost every possible variation and misspelling and replacing letters with numbers. "c0ng10m3r4t3" may be just as vulnerable as "conglomerate".

Password security doesn't end with choosing a good password!

Just as important as choosing a good password is ensuring that you are the only person who knows what it is.

NEVER tell your password to anyone - not your supervisor, not your best friend, not the staff at CIS. If someone else needs access to resources only available to your password, contact CIS - or whoever is responsible for maintaining the security of that system - and set up a new user name and password for that person.

NEVER write your password down. A password written down can be easily compromised by someone finding that piece of paper. Hiding it on the bottom of your keyboard, the underside of the desk, the side of the drawer, and similar locations - simply isn't that clever. If someone really wants to find it, they will. Don't give them the opportunity!

What do I do if I forget my password? Call the Helpdesk at 740-4480 or stop by CIS in CLB 115. We will be happy to help you reset your password